Honolulu Star-Advertiser

Thursday, December 12, 2024 76° Today's Paper


Top News

Attacks on the internet keep getting bigger and nastier

NEW YORK >> Could millions of connected cameras, thermostats and kids’ toys bring the internet to its knees? It’s beginning to look that way.

On Friday, epic cyberattacks crippled a major internet firm, repeatedly disrupting the availability of popular websites across the United States. The hacker group claiming responsibility says that the day’s antics were just a dry run and that it has its sights set on a much bigger target. And the attackers now have a secret weapon in the increasing array of internet-enabled household devices they can subvert and use to wreak havoc.

MEET THE FIRE HOSE

Manchester, New Hampshire-based Dyn Inc. said its server infrastructure was hit by distributed denial-of-service, or DDoS, attacks. These work by overwhelming targeted machines with junk data traffic — sort of like knocking someone over by blasting them with a fire hose. The attack temporarily blocked some access to popular websites from across America and Europe such as Twitter, Netflix and PayPal.

Jason Read, founder of the internet performance monitoring firm CloudHarmony, owned by Gartner Inc., said his company tracked a half-hour-long disruption early Friday affecting access to many sites from the East Coast. A second attack later in the day spread disruption to the West Coast as well as some users in Europe.

Members of a shadowy hacker group that calls itself New World Hackers claimed responsibility for the attack via Twitter, though that claim could not be verified. They said they organized networks of connected devices to create a massive botnet that threw a monstrous 1.2 trillion bits of data every second at Dyn’s servers. Dyn officials wouldn’t confirm the figure during a conference call later Friday with reporters.

MAKE THAT, MANY FIRE HOSES

DDoS attacks have been growing in frequency and size in recent months. But if the hackers’ claims are true, Friday’s attacks take DDoS to a new level. According to a report from the cybersecurity firm Verisign, the largest DDoS attack perpetrated during that second quarter of this year peaked at just 256 billion bits per second.

A huge September attack that shut down of security journalist Brian Krebs’ website clocked in at 620 million bits per second. Research from the cybersecurity firm Flashpoint said Friday that the same kind of malware was used in the attacks against both Krebs and Dyn.

Lance Cottrell, chief scientist for the cybersecurity firm Ntrepid, said while DDoS attacks have been used for years, they’ve become very popular in recent months, thanks to the proliferation of “internet of things” devices ranging from connected thermostats to security cameras and smart TVs. Many of those devices feature little in the way of security, making them easy targets for hackers.

The power of this kind of cyberattack is limited by the number of devices an attacker can connect to. Just a few years ago, most attackers were limited to infecting and recruiting “zombie” home PCs. But the popularity of new internet-connected gadgets has vastly increased the pool of potential devices they can weaponize. The average North American home contains 13 internet-connected devices , according to the research firm IHS Markit.

Since the attacks usually don’t harm the consumer electronics companies that build the devices, or the consumers that unwittingly use them, companies have little incentive to boost security, Cottrell said.

WHAT’S BEHIND THE ATTACKS

Like with other online attacks, the motivation behind DDoS attacks is usually mischief or money. Attackers have shut down websites in the past to make political statements. DDoS attacks have also been used in extortion attempts, something that’s been made easier by the advent of Bitcoin.

For its part, a member of New World Hackers who identified themselves as “Prophet” told an AP reporter via Twitter direct message exchange that collective isn’t motivated by money and doesn’t have anything personal against Dyn, Twitter or any of the other sites affected by the attacks. Instead, the hacker said, the attacks were merely a test, and claimed that the next target will be the Russian government for committing alleged cyberattacks against the U.S. earlier this year.

“Twitter was kind of the main target. It showed people who doubted us what we were capable of doing, plus we got the chance to see our capability,” said “Prophet.” The claims couldn’t be verified.

The collective has in the past claimed responsibility for similar attacks against sites including ESPNFantasySports.com in September and the BBC on Dec. 31. The attack on the BBC marshalled half the computing power of Friday’s attacks.

A SHIFTING GLOBAL ASSAULT

Dyn said it first became aware of an attack around 7:00 a.m. local time, focused on data centers on the East Coast of the U.S. Services were restored about two hours later. But then attackers shifted to offshore data centers, and the latest wave of problems continued until Friday evening Eastern time.

“Prophet” told the AP that his group actually had stopped its attacks by Friday afternoon, but that others, including members of the hacker collective known as Anonymous, had picked up where they left off. Anonymous didn’t respond to a request for comment via Twitter.

The U.S. Department of Homeland Security is monitoring the situation, White House spokesman Josh Earnest told reporters Friday. He said he had no information about who may be behind the disruption.

Cottrell noted that there are several firms that offer protection against DDoS attacks, by giving companies a way to divert the bad traffic and remain online in case of an attack. But monthly subscription fees for these services are generally equal to a typical DDoS extortion payment, giving companies little incentive to pay for them.

Meanwhile not much is required in the way of resources or skill to mount a botnet attack, he said, adding that would-be attackers can rent botnets for as little as $100. Cottrell said the long-term solution lies in improving the security of all internet-connected devices.

10 responses to “Attacks on the internet keep getting bigger and nastier”

  1. wn says:

    Check and balances need to…if ever…possible to prevent a catastrophic event. Hopefully air traffic control, electrical grid, NYSE, etc. will not be hacked. So far it’s been disruptions, which is bad enough, control and manipulation could cause a global chaos. Cyber terrorism.

  2. wrightj says:

    My internet service keeps dropping in and out; could this be the reason?

    • KaneoheSJ says:

      No, you probably has Roadrunner which means you share your line with your neighborhood. Have you noticed that around five in the afternoon your signal is degraded as in buffering on your Netflix, etc.? Well, that’s because everyone’s jumping online after work and school. I’ve had that problem and my friends who still have Roadrunner continue to have that same problem. You need to switch to Hawaiian Telcom’s fiber optic dedicated line to get better quality signal. I’ve switched and am no longer dogged by that problem. And, no, I do not work for or gain anything from Hawaiian Telcom except better signal and lower rates for cable tv. One thing that Oceanic does not tell you is that, yes, you can sign up for their wonderful low rates for cable and internet. But once that one year is over your bill goes skyrocketing up. And you can’t jump on another promo. You’re pretty much stuck with the higher rate. Unless you switch. With Hawaiian Telcom you can jump on another promo after your current promo expires. Hope this helps.

  3. WizardOfMoa says:

    Back to snail mail, rotary phones, typewriters, file cabinets, horse and buggy, etc.?

  4. KaneoheSJ says:

    Given the motive of New World Hacker’s is to target Russia for their hacks on U.S. facilities, Trump should be worried as he would probably be their next target due to the fact that Russia’s motive was to affect the elections in Trump’s favor.

    • cojef says:

      A Tit for Tat? Hope that’s all and not impact on our National Security????? Much of our weaponry and military preparedness are certainly going to be affected????

  5. WizardOfMoa says:

    KaneoheSJ, what a kind and informational comment from you. It’s great to read helpful and positive posting . Just makes our day better. Lifetime of happiness for you and your family !

  6. saywhatyouthink says:

    Too bad the US government doesn’t have the power to cut off internet access to hostile foreign countries. That ability would come in handy in today’s world.
    Since the internet originated with the US military, the government was really shortsighted in not taking steps to maintain ultimate control.

Leave a Reply